网络安全行业并购行业洞察

Fall 2025M&A Industry Insights Cybersecurity Sector M&A Industry Insights, Fall 2025 Cybersecurity M&A activity accelerated markedly in Q3 2025, with 70 deals totaling $27.1 billion in disclosed deal value and pushing the year-to-datedeal count to a record 234. Deal value in the quarter was dominated by Palo Alto Network’s $24.1-billion acquisition of CyberArk, bringing the year-to- The CyberArk acquisition underscored identity management’s strategic importance to CISOs, particularly as agentic AI and IoT adoption propel machineand device identities to the center of enterprise risk management. Several major deals spotlighted the sector’s shift to AI-first security solutions,including Check Point’s acquisition of Lakera, F5’s buyout of Calypso AI, and Sentinel One’s purchases of Prompt Security and Observo.ai. The other In cybersecurity services, Accenture’s acquisition of CyberCX signaled accelerating convergence between automation and human expertise—manageddetection and response, threat intelligence and incident response—driving services M&A, particularly as AI becomes integral to the MSSP ecosystem. Notably, high-profile breaches, such as the estimated $2.5-billion Jaguar Land Rover incident during the quarter, amplified urgency for investment incomprehensive cybersecurity platforms. Meanwhile regulatory tailwinds—including the SEC’s cyber disclosure rules, the Digital Operational ResilienceAct (DORA) in the EU, and the UK’s Cyber Security & Resilience Bill—are increasingly also shaping M&A activity as buyers target governance, risk and In public markets, Q3 saw the well-received $900-million IPO of Netskope, even as the top quartile for EV/next twelve months’ revenue for public stockstraded down from 13.0x to 10.7x over the quarter. Investors nevertheless continue to reward scale and product breadth, supporting what we expect to By Q3, 2025 Sets a Record for Cybersecurity M&A Deal Volume Year to date deal value is nearly double the deal value in 2024, boosted by Palo Alto’s acquisition of Cyberark Largest Cybersecurity Acquisitions in Q3 2025 Palo Alto’s CyberArk deal led deal value in Q3, following Mitsubishi’s nearly $1-billion acquisition of Nozomi Networks Precedent Transactions – Cybersecurity Software Software cybersecurity deals since Jan-24 have had median EV / revenue multiple of 8.1x Precedent Transactions – Managed Security Services Recent managed cyber services deals have had median EV / EBITDA multiple of 11.1x Public Comparables – Cybersecurity Through the Cycle Upper Quartile multiple traded at 10.7x, stabilizing after a strong rebound in Q2 Public Comparables – Benchmarking Cloudflare and CrowdStrike trading at highest revenue multiples of c. 28x and 20x respectively Top Strategic Acquirors of Cybersecurity Software Most active strategic acquirors of cybersecurity software businesses over the last 5 years Cybersecurity Software Ecosystem Kroll tracked cybersecurity software universe Security Services Market – Value Chain Security services vendors are building out new technology-enabled service and MSSP offerings by leveraging best-of-breed software capabilities Cybersecurity Market Overview Cybersecurity represents a large $200-billion+ market Market trends Exponential growth of data The rapid increase in security-related data is overwhelming traditional tools and analysts, requiringadvanced analytics and automation for effective processing. Security teams are struggling to monitor the Increasing sophistication of threat actors While AI developments have allowed IT teams to streamline threat detection and response processes, theyhave also allowed cybercriminals to employ increasingly complex and multistaged attack techniques. These Human risk management (HRM) HRM has emerged as a critical risk factor that recognizes that the expanded digital workplace and complexmodern communications have vastly increased the human attack surface. This approach goes beyond From threat management to risk management In the face of an ever-increasing threat landscape, practitioners are shifting from threat management to riskmanagement by adopting a more comprehensive approach that assesses and prioritizes threats in relation Consolidation of vendors and tech stacks Layered infrastructure security stacks are increasing the challenges of security configuration management,leaving organizations with security control gaps. Platforms with modular sets of integrated security TBC TBC About Kroll Kroll Cyber Risk Services Leading end-to-end services provide unique market insight for thoughtful positioning and buyer access Preferred/approved vendor for 60+ cyberinsurance carriers Kroll Investment Banking Comprehensive advisory capabilities and leading M&A franchise Kroll provides risk and financial advisory solutions, including corporatefinance, valuation, cyber risk and other strategic advisory services #5 U.S. middle-market advisor over the past 10 years1#1 for fair